Security Intelligence, two different Approaches
We are monitoring activities around Security Intelligence since a while and found quite different understandings and approaches. Security Intelligence is one the newest disciplines in the area of Information Security and the goals seems to be quite vague. Different organizations seem to have totally different understandings of what Security Intelligence should be about. To illustrate this I would like to compare two of the leading IT vendors and what they publish as “Security Intelligence”: Cisco Security Intelligence Operations http://tools.cisco.com/security/center/home.x Cisco lists on the Security Intelligence Portal mainly security advisories, alerts, responses and information about Cisco product updates, signature updates, mitigation bulletins virus watch and similar topics. To provide this kind of information is in my humble opinion the task of a CERT (Computer Emergency Response Team) or a PSIRT (Product Security Incident Response Team).